Re: [PATCH 5/9] security: keys: trusted: Allow storage of PCR values in creation data

From: Matthew Garrett
Date: Mon Feb 22 2021 - 02:42:53 EST

Next message: Matthew Garrett: "Re: [PATCH 7/9] pm: hibernate: Optionally use TPM-backed keys to protect image integrity"
Previous message: Dmitry Vyukov: "Re: [PATCH] mm/kasan: remove volatile keyword"
In reply to: Ben Boeckel: "Re: [PATCH 5/9] security: keys: trusted: Allow storage of PCR values in creation data"
Next in thread: Matthew Garrett: "[PATCH 6/9] pm: hibernate: Optionally store and verify a hash of the image"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sat, Feb 20, 2021 at 05:09:07AM +0200, Jarkko Sakkinen wrote:

> Something popped into mind: could we make PCR 23 reservation dynamic
> instead of a config option.
>
> E.g. if the user space uses it, then it's dirty and hibernate will
> fail. I really dislike the static compilation time firewall on it.

We can fail hibernation if userland hasn't flagged things, but the
concern is that if you hibernate with PCR 23 blocking enabled and then
reboot with the blocking disabled, userland can obtain the blob from the
hibernation image, extend PCR 23, modify the image and use the key
they've recovered to make it look legitimate, enable PCR 23 blocking
again and then resume into their own code.

Next message: Matthew Garrett: "Re: [PATCH 7/9] pm: hibernate: Optionally use TPM-backed keys to protect image integrity"
Previous message: Dmitry Vyukov: "Re: [PATCH] mm/kasan: remove volatile keyword"
In reply to: Ben Boeckel: "Re: [PATCH 5/9] security: keys: trusted: Allow storage of PCR values in creation data"
Next in thread: Matthew Garrett: "[PATCH 6/9] pm: hibernate: Optionally store and verify a hash of the image"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]